Contents x
    ServiceNow
    • 1 Minute to read
    • Print
    • PDF
    Contents

    ServiceNow

    • 1 Minute to read
    • Print
    • PDF
    Article Summary

    About this document

    This document provides step-by-step instructions to onboard a ServiceNow account in SAFE.

    Introduction

    SAFE integrates with ServiceNow via read-only APIs and fetches the security misconfiguration of the ServiceNow account in SAFE.

    Prerequisites

    To configure ServiceNow in SAFE, you need the following details:

    • Instance Name: Instance name of the user’s ServiceNow Instance (e.g., safe.service-now.com)
    • Client ID and Secret Key: To generate a Client ID and Secret Key, you must have a ServiceNow Administrator role.

    Generate Connection Details (Client ID and Secret Key)

    1. Log in to your ServiceNow Account as admin. 
    2. Click the All tab, and search for System OAuth > Application Registry.
      Service Now Config
    3. Click the Application Registry option.
    4. Click the New button available at the top-right corner of the screen.
      Service Now Config 1
    5. On the New page, click the “Create an OAuth API endpoint for external clients” option.
      Service Now Config 3
    6. Enter a Name for the application and click the submit button. The system creates a new app.
    7. Go to the created app details page.
    8. Copy the Client ID and Client Secret.
      Service Now Config 4

    Configure ServiceNow in SAFE

    1. Navigate to Safe Hooks and click the ServiceNow card.
    2. Enter the Instance Name.
    3. Enter the Username and Password (Admin Username and Password for ServiceNow account)
    4. Enter the Client ID and Client Secret Key.
    5. Enter auto-sync frequency in days.
    6. Click the Test Connection button.
    7. Once the connection is validated, click the Save button
    8. Once the configuration is saved, click the Sync Now button to trigger the on-demand sync outside of the scheduled auto sync.

    Service Now Config 6


    View Result

    After a successful sync, SAFE automatically imports the ServiceNow assets.

    To view the assets pulled from ServiceNow:

    1. Navigate to Technology > Assets.
    2. Filter the asset list with Asset Type as ServiceNow. The system displays all the Servicenow assets.
      Service Now Config 7
    3. Click the Asset name.
    4. The system displays all the controls and their status for ServiceNow.

    Service Now Config 8

    To view the results:

    1. Navigate to the Risk Scenario page and click the Group Risk tab.
    2. Click the Cloud - SaaS Applications Risk.
    3. On this page, the system displays the actionable insights for your ServiceNow account if it finds critical misconfigurations.
      Service Now Config 9
    4. Scroll down and click the Attack Surface view. 
    5. Here you can see the ServiceNow asset.
    6. Clicking the ServiceNow asset, the system displays all the controls and their status for ServiceNow.
      Service Now Config 10
    Was this article helpful?
    What's Next